How to create a secure website: 4 tips

A major gap exists between the perception and reality of online security safety, according to Google Registry and The Harris Poll.

One reason why you shouldn't allow your web browser to save your passwords Jack Wallen explains why you should never allow your web browser to save passwords--and what you should do instead.

Website creation is on the rise: 20% of internet users said they have already created a website, and 48% said they plan on creating one in the future, according to a Google Registry and Harris Poll report released on Wednesday.

The report surveyed more than 2,000 US adults to determine how internet users are using websites and their opinions on internet security. Generation Z in particular have the most exposure to website creation, with 34% of 16-24 year olds who have already created a website reporting doing so as a part of their academic curriculum.

SEE: Encryption: A guide for business leaders (free PDF) (TechRepublic)

"People are creating more websites and apps than ever before. Our survey with Harris Poll uncovered that nearly half (48%) of U.S. respondents plan to create a website in the near future." Stephanie Duchesneau, Google program manager III, told TechRepublic. "There is a shared responsibility on the part of every website creator to keep the internet safe. That means taking all of the necessary steps to ensure a website does not compromise the security of its visitors."

Even though more people are creating websites, the majority of Americans have a significant knowledge gap in regards to online security safety, the report found. While 55% of respondents gave themselves a grade of A or B in online safety, some 70% incorrectly identified what a safe URL should look like.

Nearly 30% of respondents said they do not check if there is an S on a website when entering personal information, even after being told that the S in HTTPS signifies a secure connection, the report added.

The report identified the following four safety tips for creating websites:

  1. Visit safe.page to learn about URL literacy and simple ways to stay safe online
  2. Use Security Planner for personalized online security recommendations
  3. Get a free SSL certificate from Let's Encrypt to encrypt your website
  4. After installing an SSL certificate, register a secure top level domain (TLD) through Google: .app, .page, and .dev all come secure by default. This means any live websites ending with .app, .page, or .dev already have a secure HTTPs connection.

It also laid out these four tips for securely navigating websites:

  1. Always check for a lock icon and the S in HTTPS within a web address to make sure the site is encrypted.
  2. When creating a website, be sure to install an SSL certificate so that connections to the site are encrypted.
  3. When clicking on links in emails, PDFs, or online text, idle over the hyperlink to make sure the link matches the page you want to navigate to.
  4. Pay attention to the spelling of web addresses, watching for misspellings or extra letters, which could be covertly used to misdirect the user.

For more security tips, check out TechRepublic's article on the top security tips revealed by industry experts.

Also see

security.jpg
Image: iStockphoto/SARINYAPINNGAM

By Macy Bayern

Macy Bayern is an Associate Staff Writer for TechRepublic. A recent graduate from the University of Texas at Austin's Liberal Arts Honors Program, Macy covers tech news and trends.